Purpose-based policy enforcement in actor-based systems
S Riahi, R Khosravi, F Ghassemi - … , FSEN 2017, Tehran, Iran, April 26–28 …, 2017 - Springer
S Riahi, R Khosravi, F Ghassemi
Fundamentals of Software Engineering: 7th International Conference, FSEN 2017 …, 2017•SpringerPreserving data privacy is a challenging issue in distributed systems as private data may be
propagated as part of the messages transmitted among system components. We study the
problem of preserving data privacy on actor model as a well known reference model for
distributed asynchronous systems. Our approach to prevent private data disclosure is to
enforce purpose-based privacy policies which control the access and usage of private data.
We propose a method to specify purposes based on workflows modeled by Petri nets in …
propagated as part of the messages transmitted among system components. We study the
problem of preserving data privacy on actor model as a well known reference model for
distributed asynchronous systems. Our approach to prevent private data disclosure is to
enforce purpose-based privacy policies which control the access and usage of private data.
We propose a method to specify purposes based on workflows modeled by Petri nets in …
Abstract
Preserving data privacy is a challenging issue in distributed systems as private data may be propagated as part of the messages transmitted among system components. We study the problem of preserving data privacy on actor model as a well known reference model for distributed asynchronous systems. Our approach to prevent private data disclosure is to enforce purpose-based privacy policies which control the access and usage of private data. We propose a method to specify purposes based on workflows modeled by Petri nets in which transitions correspond to message communications. We first use model checking to verify whether the actor model behaves conforming to the purpose model. Then, the satisfaction of the policies are checked using data dependence analysis. We also provide a method to evaluate the effectiveness of policies through checking of private data disclosure in the presence of privacy policies. Since these checks are performed statically at design time, no runtime overhead is imposed on the system.
Springer
以上显示的是最相近的搜索结果。 查看全部搜索结果